dovecot-1.2: acl: Always give admin right to owner in private ma...

dovecot at dovecot.org dovecot at dovecot.org
Sun Nov 16 13:48:15 EET 2008 

details:   http://hg.dovecot.org/dovecot-1.2/rev/f60d9dd18722
changeset: 8420:f60d9dd18722
user:      Timo Sirainen <tss at iki.fi>
date:      Sun Nov 16 13:48:10 2008 +0200
description:
acl: Always give admin right to owner in private mailboxes.

diffstat:

1 file changed, 18 insertions(+), 1 deletion(-)
src/plugins/acl/acl-backend-vfile.c |   19 ++++++++++++++++++-

diffs (47 lines):

diff -r b8a3b8d6c60c -r f60d9dd18722 src/plugins/acl/acl-backend-vfile.c
--- a/src/plugins/acl/acl-backend-vfile.c	Sun Nov 16 13:41:17 2008 +0200
+++ b/src/plugins/acl/acl-backend-vfile.c	Sun Nov 16 13:48:10 2008 +0200
@@ -704,8 +704,10 @@ static void acl_backend_vfile_rights_sor
 
 static void acl_backend_vfile_cache_rebuild(struct acl_object_vfile *aclobj)
 {
+	static const char *const admin_rights[] = { MAIL_ACL_ADMIN, NULL };
+	struct mail_namespace *ns;
 	struct acl_object *_aclobj = &aclobj->aclobj;
-	struct acl_rights_update ru;
+	struct acl_rights_update ru, ru2;
 	const struct acl_rights *rights;
 	unsigned int i, count;
 	bool first_global = TRUE;
@@ -714,6 +716,12 @@ static void acl_backend_vfile_cache_rebu
 
 	if (!array_is_created(&aclobj->rights))
 		return;
+
+	ns = mailbox_list_get_namespace(_aclobj->backend->list);
+	memset(&ru2, 0, sizeof(ru2));
+	ru2.modify_mode = ACL_MODIFY_MODE_ADD;
+	ru2.rights.id_type = ACL_ID_OWNER;
+	ru2.rights.rights = admin_rights;
 
 	memset(&ru, 0, sizeof(ru));
 	rights = array_get(&aclobj->rights, &count);
@@ -731,9 +739,18 @@ static void acl_backend_vfile_cache_rebu
 			   can't mess things up via them */
 			first_global = FALSE;
 			ru.neg_modify_mode = ACL_MODIFY_MODE_REPLACE;
+
+			if (ns->type == NAMESPACE_PRIVATE) {
+				/* make sure owner has admin rights
+				   (at least before global ACLs are applied) */
+				acl_cache_update(_aclobj->backend->cache,
+						 _aclobj->name, &ru2);
+			}
 		}
 		acl_cache_update(_aclobj->backend->cache, _aclobj->name, &ru);
 	}
+	if (first_global && ns->type == NAMESPACE_PRIVATE)
+		acl_cache_update(_aclobj->backend->cache, _aclobj->name, &ru2);
 }
 
 static int acl_backend_vfile_object_refresh_cache(struct acl_object *_aclobj)

More information about the dovecot-cvs mailing list